MessageGate Highlights Email Misperceptions

By Greg McNevin

December 7, 2007: According to email management provider MessageGate, misinformation and misperception are stifling enterprise email governance and controls, with common misconceptions eating into both the time and budgets of IT departments.

“Misinformation is dangerous when it comes to enterprise email governance, especially when combating data leakage in heavily-regulated corporate environments,” said Shaun Wolfe, CEO for MessageGate. “Falling victim to common email misperceptions wastes valuable IT time and budget, which is why MessageGate separates fact from fiction to deliver practical email controls. Our analysis often uncovers customer governance laid to waste due to common myths, especially sensitive data sent to unintended external recipients caused by email control gaps.”To highlight this, the company has identified seven myths commonly associated with corporate email governance and controls, all of which stem from reoccurring misperceptions uncovered during MessageGate’s Activity Profile (MAP) customer audits.

• 1) My company does not have a data leakage problem.
  
  In what will unsettle some and come as no shock to others, the firm claims that all companies experience some form of data leakage. While it says that 80 percent of all data leaks are unintentional, most can be attributed to employees insecurely sending sensitive files via Web-based email in order to continue work from home.
• 2) IT “owns” email and is ultimately responsible for its destiny.
  
  According to MessageGate, Email ownership is a continuing battle. On one hand, employees claim ownership of email as creator of the message. IT departments, however, see it as their asset to manage because it resides on the corporate network. Neither is absolutely correct, for email is now an important legal record and an enterprise as a whole is responsible for every email travelling across its network.
• 3) IT must read every incoming and outgoing message for email controls to be effective.
  
  “Big brother” and personal privacy are potent modern concerns, however, according to MessageGate most IT departments lack the budget and manpower to police each and every message. Lexicon and contextual controls are common ways of automating unintentional data leaks and educating employees on acceptable email use.
• 4) Email controls only hamper employee productivity.
  
  MessageGate claims this is a false impression stemming from legacy solutions, as modern email systems have increased security while ensuring employees follow uniform archiving and other governance policies with little interruption.
• 5) Securing the corporate network ensures email confidentiality.
  
  According to MessageGate’s research, employees often believe that emails are only accessible to their intended recipients, and IT departments assume corporate network security efforts are enough. However, the company notes that the reality is much different, with employees creating local copies of their Outlook PST file to bypass burdensome security procedures, creating risk if a laptop is stolen for example.
• 6) Instant messaging (IM) is a bigger threat than email.
  
  When it comes to IM, text messaging and other alternative communication channels, despite being hyped up as a threat MessageGate claims these pale in comparison to “the true 800-pound gorilla”. Email security is still number one as it is the largest communication channel used within corporate environments. The company says practical governance starts with email, and expands to include alternative channels once a solid foundation is established.
• 7) Spam, email viruses and other incoming threats have diminished.
  
  Finally, despite a lot of talk surrounding outgoing email security, incoming email threats have not diminished. MessageGate says nalysts predict spam to grow to as much as 80 percent of all email traffic by 2011.

Overall, the company says that an enterprise must remain vigilant to protect against data leakage, incoming threats, and perhaps most of all, potentially risky misperceptions.

Comment on this story